64.91.248.116 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 64.91.248.116 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS32244 liquid web l.l.c
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: www.joinmigreenpower.com joinmigreenpower.com www.growwithheartland.com growwithheartland.com f92.flightcheck.mediareturnexchange.com www.f92.flightcheck.mediareturnexchange.com wfh.dpplus.com www.careers.mbfs.com www.fromofficeofdanieljloepp.com rairsystems.net focusiqmarketing.com mosyle.dpplus.com www.mosyle.dpplus.com rairsystems.org testing.covidsafewayne.org www.testing.covidsafewayne.org donations.dpplus.com www.donations.dpplus.com www.comittedtomichigan.com www.commitedtomichigan.com www.committedtomichigan.com www.staging.rairsystems.com art.mbfs.com www.staging.covidsafedearborn.org staging.covidsafedearborn.org www.testing.covidsafehamtramck.org testing.covidsafehamtramck.org staging.covidsafehamtramck.org www.staging.covidsafehamtramck.org www.staging.covidsafewayne.org staging.covidsafewayne.org covidsafedearborn.org covidsafehamtramck.org covidsafewayne.org www.covidsafehamtramck.org www.covidsafewayne.org www.covidsafedearborn.org www.taggerator.dpplus.com www.staging.mediareturnexchange.com staging.mediareturnexchange.com staging.corp.mbfs.com www.staging.corp.mbfs.com staging.art.mbfs.com www.staging.art.mbfs.com cpcontacts.chooseconfidently.com cpcalendars.chooseconfidently.com www.rairsystem.com taggerator.dp-company.com testing.cms.mibluebcbsm.com www.testing.cms.mibluebcbsm.com staging.cms.mibluebcbsm.com www.staging.cms.mibluebcbsm.com www.cms.mibluebcbsm.com cms.mibluebcbsm.com freetestwayne.org cpcalendars.freetestwayne.org cpcontacts.freetestwayne.org www.freetestwayne.org www.freetestswayne.org freetestswayne.org host.duffeypetrosky.net www.testing.covidsafedearborn.org testing.covidsafedearborn.org careers.mbfs.com cpcontacts.givefluashotmi.com cpcalendars.givefluashotmi.com www.givefluashotmi.com givefluashotmi.com fromofficeofdanieljloepp.com www.moparaccessoryportal.com cpcontacts.moparaccessoryportal.com cpcalendars.moparaccessoryportal.com moparaccessoryportal.com www.staging.moparaccessoryportal.com staging.moparaccessoryportal.com www.testing.moparaccessoryportal.com testing.moparaccessoryportal.com cpcalendars.committedtomichigan.com cpcontacts.committedtomichigan.com www.boardmembers.timeformore.com www.staging.timeformore.com www.testing.corp.mbfs.com testing.corp.mbfs.com cpcontacts.healthcareseminar.com cpcalendars.healthcareseminar.com testing.haptixgroup.com www.testing.haptixgroup.com www.haptixgroup.com cpcalendars.haptixgroup.com haptixgroup.com cpcontacts.haptixgroup.com www.staging.haptixgroup.com staging.haptixgroup.com staging.bcbsmplan.com www.staging.bcbsmplan.com www.boardmembers.hereforitall.com boardmembers.hereforitall.com cpcalendars.hereforitall.com www.hereforitall.com cpcontacts.hereforitall.com testing.firstclassdemandnotes.com www.testing.firstclassdemandnotes.com hereforitall.com www.testing.art.mbfs.com testing.art.mbfs.com dev.timeformore.com cpcontacts.bcbsmplan.com cpcalendars.bcbsmplan.com stayconnectedmi.com www.stayconnectedmi.com cpcalendars.stayconnectedmi.com cpcontacts.stayconnectedmi.com cpcalendars.embarkdigital.com cpcontacts.embarkdigital.com commitedtomichigan.com committedtomichigan.com comittedtomichigan.com www.dashboard.mediareturnexchange.com dashboard.mediareturnexchange.com www.mediareturnexchange.com mediareturnexchange.com cpcalendars.mediareturnexchange.com cpcontacts.mediareturnexchange.com cpcontacts.rairsystems.com cpcalendars.rairsystems.com cpcalendars.duffeypetrosky.com cpcontacts.duffeypetrosky.com cpcontacts.dp-company.com cpcalendars.dp-company.com cpcalendars.ola.dp-company.com cpcontacts.ola.dp-company.com ola.dp-company.com www.ola.dp-company.com staging.friend.goconfidently.com www.staging.friend.goconfidently.com uat.embarkdigital.com cpcalendars.firstclassdemandnotes.com cpcontacts.firstclassdemandnotes.com www.testing.dpplus.com staging.dpplus.com corp.mbfs.com www.taggerator.dp-company.com www.autoplus.embarkdigital.com www.flightcheck.mediareturnexchange.com cpcontacts.flightcheck.mediareturnexchange.com cpcalendars.flightcheck.mediareturnexchange.com flightcheck.mediareturnexchange.com www.testing.flightcheck.mediareturnexchange.com testing.flightcheck.mediareturnexchange.com www.zd.dpplus.com zd.dpplus.com cpcalendars.mibluebcbsm.com cpcontacts.mibluebcbsm.com cpcontacts.goconfidently.com cpcalendars.goconfidently.com cpcontacts.friend.goconfidently.com cpcalendars.friend.goconfidently.com cpcontacts.timeformore.com timeformore.com cpcalendars.timeformore.com www.friend.goconfidently.com friend.goconfidently.com www.duffeypetrosky.org www.dpplus.com www.dpcompany.net www.dpcompany.org www.duffypetroski.com duffypetrosky.com www.duffeypetrosky.us dpplus.com www.embark.digital embark.digital www.embarkdigital.com subway.dpplus.com www.subway.dpplus.com www.bcbsmplan.com bcbsmplan.com www.staging.flightcheck.mediareturnexchange.com staging.flightcheck.mediareturnexchange.com www.duffiepetrosky.com duffiepetrosky.com dpcompany.net duffeypetrosky.us www.dpcompany.com dpcompany.com www.staging.impact100oaklandcounty.org www.testing.rairsystems.com testing.rairsystems.com taggerator.dpplus.com www.timeformore.com boardmembers.timeformore.com staging.timeformore.com www.dev.timeformore.com rightchoicemedicare.com www.uat.therightchoicemedicare.com prod.embarkdigital.com dpcompany.org helpdesk.embarkdigital.com testing.dpplus.com www.staging.dpplus.com merc.embarkdigital.com staging.rairsystems.com www.dp-company.com dp-company.com www.mibluebcbsm.com mibluebcbsm.com winter.ziebart.com www.winter.ziebart.com www.zmore.ziebart.com zmore.ziebart.com www.firstclassdemandnotes.com staging.firstclassdemandnotes.com www.staging.firstclassdemandnotes.com www.verify.firstclassdemandnotes.com verify.firstclassdemandnotes.com www.helpdesk.dpplus.com helpdesk.dpplus.com www.chicago-wildfire.com healthcareseminar.com www.healthcareseminar.com www.medicarecompletepackage.com medicarecompletepackage.com rairsystems.com rairsystem.com www.rairsystems.com impact100oaklandcounty.org www.impact100oaklandcounty.org www.borgess.embarkdigital.com borgess.embarkdigital.com helpdesk.duffeypetrosky.com www.helpdesk.duffeypetrosky.com toolkit.mclaren.org www.testing.chooseconfidently.com testing.chooseconfidently.com www.chooseconfidently.com chooseconfidently.com staging.chooseconfidently.com www.staging.chooseconfidently.com testing.goconfidently.com www.testing.goconfidently.com goconfidently.com www.goconfidently.com www.rightchoicemedicare.com medicareguidenow.com therightchoicemedicare.com medicareguidetoday.com www.therightchoicemedicare.com medicarerightchoice.com uat.rightchoicemedicare.com uat.therightchoicemedicare.com uat.medicareguidetoday.com www.medicareguidetoday.com www.medicarerightchoice.com www.uat.rightchoicemedicare.com uat.medicarerightchoice.com uat.medicareguidenow.com www.uat.medicareguidetoday.com www.dev.dpplus.com dev.dpplus.com duffeypetroskey.com www.prod.embarkdigital.com www.duffeypetrosky.net duffeypetrosky.net www.falcontest.embarkdigital.com www.uat.embarkdigital.com www.merc.embarkdigital.com www.duffypetrosky.com duffypetroski.com duffeypetrosky.org www.duffeypetroskey.com www.duffeypetrosky.com lbcu.com firstclassdemandnotes.com duffeypetrosky.com chicago-wildfire.com embarkdigital.com

Open Ports Detected

110 143 2082 2083 2086 2087 21 443 465 522 53 587 80 993 995

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408

Map

Whois Information

• NetRange: 64.91.224.0 - 64.91.255.255
• CIDR: 64.91.224.0/19
• NetName: LIQUIDWEB
• NetHandle: NET-64-91-224-0-1
• Parent: NET64 (NET-64-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS32244
• Organization: Liquid Web, L.L.C (LQWB)
• RegDate: 2001-07-20
• Updated: 2012-02-24
• Ref: https://rdap.arin.net/registry/ip/64.91.224.0
• OrgName: Liquid Web, L.L.C
• OrgId: LQWB
• Address: 4210 Creyts Rd.
• City: Lansing
• StateProv: MI
• PostalCode: 48917
• Country: US
• RegDate: 2001-07-20
• Updated: 2020-04-29
• Ref: https://rdap.arin.net/registry/entity/LQWB
• OrgAbuseHandle: ABUSE551-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-800-580-4985
• OrgAbuseEmail: abuse@liquidweb.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE551-ARIN
• OrgTechHandle: IPADM47-ARIN
• OrgTechName: IP Administrator
• OrgTechPhone: +1-800-580-4985
• OrgTechEmail: ipadmin@liquidweb.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IPADM47-ARIN
• RTechHandle: IPADM47-ARIN
• RTechName: IP Administrator
• RTechPhone: +1-800-580-4985
• RTechEmail: ipadmin@liquidweb.com
• RTechRef: https://rdap.arin.net/registry/entity/IPADM47-ARIN
• RAbuseHandle: IPADM47-ARIN
• RAbuseName: IP Administrator
• RAbusePhone: +1-800-580-4985
• RAbuseEmail: ipadmin@liquidweb.com
• RAbuseRef: https://rdap.arin.net/registry/entity/IPADM47-ARIN
• network:Class-Name:network
• network:ID:NETBLK-SOURCEDNS.64.91.224.0/19
• network:Auth-Area:64.91.224.0/19
• network:Network-Name:SOURCEDNS-64.91.224.0
• network:IP-Network:64.91.224.0/19
• network:IP-Network-Block:64.91.224.0 - 64.91.255.255
• network:Organization;I:SOURCEDNS
• network:Org-Name:SourceDNS
• network:Street-Address:4210 Creyts Rd.
• network:City:Lansing
• network:State:MI
• network:Postal-Code:48917
• network:Country-Code:US
• network:Created:20040212
• network:Updated:20060327

Links to attack logs

****** ****** ******